Описание
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2004-2388
- https://exchange.xforce.ibmcloud.com/vulnerabilities/15455
- http://secunia.com/advisories/11085
- http://www-1.ibm.com/support/docview.wss?uid=isg1IY53507
- http://www.ciac.org/ciac/bulletins/o-102.shtml
- http://www.osvdb.org/4248
- http://www.securityfocus.com/bid/9835
EPSS
Процентиль: 77%
0.01008
Низкий
CVE ID
Связанные уязвимости
nvd
около 21 года назад
rexecd for AIX 4.3.3 does not properly use a local copy of the pwd structure when calling getpwnam, which may cause the structure to be overwritten by the authenticate function and assign privileges to the wrong user.
EPSS
Процентиль: 77%
0.01008
Низкий